Protection & Endpoints

Learn how to manage endpoints.

What is an endpoint?

An endpoint has 3 main properties:

  • traffic source: it indicates the origin of the traffic directed to the endpoint
  • traffic usage: it indicates the functional context of the resources included in the endpoint, to separate different parts of your website and/or mobile app
  • name: a name of your choice, to identify the traffic directed to the endpoint in the dashboard

📘

Fine-grained protection

DataDome uses the traffic source and traffic usage parameters to apply the right algorithms and detect specific threats.

Traffic sources

We define the following values for the sources:

ValueDescription
Web Browsersrequests coming from all Browsers (mobile or desktop) on websites or APIs
Mobile Appsrequests coming from mobile apps (iOS, Android) on APIs
APIsautomated requests coming from machine/scripts on APIs

Traffic usages

We currently propose the following usages:

NameDescriptionExamplesHTTP methods
GeneralDefault endpoint type. All URLs that are not included in another endpoint configuration.domain.com/All
LoginLogin, account creation or forgot password forms.domain.com/login
domain.com/signup
domain.com/forget
All
FormsAll URLs with forms, could be password forms, troubleshooting forms etc. Except the Account Creation form. domain.com/contact
domain.com/report
domain.com/comments
All
Account CreationAll URLs related to the account creation on a website/appdomain.com/signup,
domain.com/account/signup
All
CartAll URLs related to the basket in e-commerce websitedomain.com/cart,
domain.com/add-to-cart
All
PaymentAll URLs related to the payment processing on e-commerce website/appdomain.com/payment,
domain.com/checkout
All
RSSRSS/Atom feeds fetched by a desktop application or an online aggregator.domain.com/feed.json
domain.com/rss.xml
All

How to manage endpoints?

🚧

Deleted endpoint visualization

If you just deleted an endpoint, you will still be able to see it in the analytics screens of the dashboard if it matched traffic over the past 30 days. After the 30 days period, the corresponding deleted endpoint won't appear anymore on the analytics screens.

📘

Default endpoint

By default, one endpoint is pre-set in your account: “Web (default)”.
The endpoint “Web (default)” cannot be reordered or deleted.

Go to Management > Endpoints

A list of endpoints connected to your account is displayed.
The endpoints are matched following the top-down order: for a given request, the first matched endpoint is chosen. Changing the order in the list implies a change in the matching priorities.

Admin view

1104

Editor view

Protection status legend

Roles & actions

RoleAddEditReorderActivate/deactivate protectionActivate/deactivate detection
AdminYESYESYESYESYES
Editor-----
Viewer-----

Endpoint set-up

To set-up an endpoint, several pieces of information are requested.

General information

FieldMandatory/OptionalExplanation
NameMandatoryA unique label to identify the endpoint
DescriptionOptionalA free text description
Traffic sourceMandatorySee Traffic Sources
Traffic usageMandatorySee Traffic Usages
DataDome's cookie SameSiteMandatoryThe value of the "SameSite" attribute set for DataDome's cookie. By default "Lax", it can also be set to "Strict" or "None".
Response formatMandatoryThe content type of DataDome response sent to the requester in case of detection (Device Check, CAPTCHA or block page). It can be set to "AUTO", "HTML" or "JSON". By default, it is set to "AUTO".

Traffic identification

Two methods can be used to identify the endpoint traffic. The two methods described below are mutually exclusive: they cannot be used both at the same time for a given endpoint.

1. Traffic query

Traffic matching an endpoint can be defined using a single traffic query. The list of available fields and the syntax guidelines are described in the traffic queries syntax user guide.

📘

Case sensitivity

Traffic queries for endpoints definition are case-insensitive. All the values in the queries must be expressed with lowercase characters.

2. Regex on URL and UA

Traffic matching an endpoint can also be identified defining regex conditions (following the PCRE regular expression syntax) for at least one of the following elements:

  • Domain inclusion
  • URL path inclusion
  • URL path exclusion
  • User Agent inclusion

For example, here you can find a pattern of any relevant path for payment:

^(https?:\/\/)?([\w.-]+)\.(\w+)(\/[\w.-]*)*\/(pay|payment|checkout|purchase|order)(\/|$|\?)

How to analyze traffic?

The percentage of traffic is indicated for each endpoint. It includes normal users & bots and is calculated for the last 20 minutes.

You can analyze the endpoint’s traffic by clicking on Actions > View Traffic Details to display the following information:

  • An overview of the last 24 hours with the number of requests, URLs and IPs, the top 2 IP owners, and the top 3 UA.
  • The last 100 requests.

You can also analyze through the "Explore" view (Read more about the Explore view.